Microsoft (MS) warned on the 11th in its "Cyber Pulse" AI security report that as AI adoption spreads, agents granted excessive access or given improper instructions could emerge as a "shadow AI risk," acting as security vulnerabilities within organizations.
Currently, 80% of Fortune 500 companies were found to be running active AI agents built through low-code (minimal coding) or no-code methods. An active agent is defined as an AI agent with activity recorded within the past 28 days.
By region, the share of active agents was 42% in Europe, the Middle East and Africa, 29% in the United States, 19% in Asia, and 10% in the Americas. By industry, software and technology accounted for 16%, manufacturing 13%, financial services 11%, and retail 9%.
The Microsoft Defender team recently detected a fraudulent attack campaign that exploited memory poisoning techniques. MS described this as an attack method in which attackers manipulate an AI agent's memory in order to induce the responses they want.
The Microsoft AI Red Team found cases where agents followed harmful instructions embedded in routine content because of deceptive interface elements. It also identified cases where manipulated task framing distorted the direction of agents' reasoning.
In a survey conducted by Hypothesis Group at Microsoft's request, 29% of employees said they had used unauthorized AI agents for work. In addition, according to Microsoft's Data Security Index, only 47% of organizations had implemented Generative AI security controls.
In response, leading companies have recently been minimizing unnecessary data sharing and strengthening controls. The report said this approach is emerging as a strategic asset that turns agent protection into a competitive advantage.
The report then presented visibility as the starting point for agent security. This means building a control plane that spans the entire organization, including IT, security and developers, so that it can be understood, through an integrated management system, which agents exist, who owns them, the scope of their data access and their behavior patterns.
Visibility consists of five core areas: "registry," which identifies and manages agents; "access control," which applies the principle of least privilege; "visualization," which monitors risks and behavior in real time; "interoperability," which supports consistent operations across platforms; and "security," which protects agents from internal and external threats.
Microsoft said, "The entire business, IT, security, AI teams and developer organizations need to collaborate and manage all agents consistently from a single, centralized control plane."